Message length overflow in frontier

Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. There are currently no known workarounds.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

整数溢出或超界折返

Frontier 输入验证错误漏洞

Frontier是一个 Substrate 的以太坊兼容层。用于运行未经修改的以太坊 Dapp。 Frontier 存在输入验证错误漏洞，该漏洞源于在 EVM 恢复的情况下会影响RPC结果的解析。在发布版本中，这将导致退出原因被 RPC错误地解析和返回。在调试版本中，这将导致溢出死机。

N/A

N/A